Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1.2.1.4 Have at least 1 number (1, 2, 3...)CIS Zoom L1 v1.0.0Zoom

CONFIGURATION MANAGEMENT

1.4.2.1 Ensure 'TACACS+/RADIUS' is configured correctly - hostCIS Cisco Firewall ASA 9 L1 v4.1.0Cisco

IDENTIFICATION AND AUTHENTICATION

2.2.5 Ensure DHCP Server is not installedCIS Amazon Linux 2 STIG v2.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT

2.2.6 Ensure LDAP server is not installedCIS Amazon Linux 2 STIG v2.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT

3.2.2 Ensure packet redirect sending is disabledCIS Amazon Linux 2 STIG v2.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

3.5.1.1 Ensure firewalld is installedCIS Amazon Linux 2 STIG v2.0.0 L1 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.5.1.4 Ensure firewalld service enabled and runningCIS Amazon Linux 2 STIG v2.0.0 L1 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.5.2.6 Ensure nftables base chains existCIS Amazon Linux 2 STIG v2.0.0 L1 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.5.2.7 Ensure nftables loopback traffic is configuredCIS Amazon Linux 2 STIG v2.0.0 L1 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.5.3.2.4 Ensure iptables default deny firewall policyCIS Amazon Linux 2 STIG v2.0.0 L1 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.5.3.3.1 Ensure ip6tables loopback traffic is configuredCIS Amazon Linux 2 STIG v2.0.0 L1 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.5.3.3.5 Ensure ip6tables rules are savedCIS Amazon Linux 2 STIG v2.0.0 L1 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.2.1.1 Ensure rsyslog is installedCIS Amazon Linux 2 STIG v2.0.0 L1 ServerUnix

AUDIT AND ACCOUNTABILITY

4.2.2.2 Ensure journald is configured to compress large log filesCIS Amazon Linux 2 STIG v2.0.0 L1 ServerUnix

AUDIT AND ACCOUNTABILITY

4.2.2.3 Ensure journald is configured to write logfiles to persistent diskCIS Amazon Linux 2 STIG v2.0.0 L1 ServerUnix

AUDIT AND ACCOUNTABILITY

5.2.2 Ensure sudo commands use ptyCIS Amazon Linux 2 STIG v2.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.3.6 Ensure SSH access is limitedCIS Amazon Linux 2 STIG v2.0.0 L1 ServerUnix

ACCESS CONTROL, MEDIA PROTECTION

5.3.12 Ensure SSH root login is disabledCIS Amazon Linux 2 STIG v2.0.0 L1 ServerUnix

ACCESS CONTROL

5.3.17 Ensure only strong MAC algorithms are usedCIS Amazon Linux 2 STIG v2.0.0 L1 ServerUnix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

5.3.18 Ensure only strong Key Exchange algorithms are usedCIS Amazon Linux 2 STIG v2.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.3.24 Ensure SSH MaxStartups is configuredCIS Amazon Linux 2 STIG v2.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.4.2 Ensure lockout for failed password attempts is configuredCIS Amazon Linux 2 STIG v2.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.4.3 Ensure password hashing algorithm is SHA-512CIS Amazon Linux 2 STIG v2.0.0 L1 ServerUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

5.5.3 Ensure default group for the root account is GID 0CIS Amazon Linux 2 STIG v2.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

5.16 OAS - 'SSL Client Authentication - ssl_client_authentication = TRUE'CIS v1.1.0 Oracle 11g OS Windows Level 2Windows

ACCESS CONTROL

6.1.3 Ensure permissions on /etc/passwd- are configuredCIS Amazon Linux 2 STIG v2.0.0 L1 ServerUnix

ACCESS CONTROL, MEDIA PROTECTION

6.1.7 Ensure permissions on /etc/gshadow are configuredCIS Amazon Linux 2 STIG v2.0.0 L1 ServerUnix

ACCESS CONTROL, MEDIA PROTECTION

6.1.9 Ensure permissions on /etc/group- are configuredCIS Amazon Linux 2 STIG v2.0.0 L1 ServerUnix

ACCESS CONTROL, MEDIA PROTECTION

6.1.14 Audit SGID executablesCIS Amazon Linux 2 STIG v2.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

6.2.5 Ensure no duplicate user names existCIS Amazon Linux 2 STIG v2.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

6.2.15 Ensure no users have .forward filesCIS Amazon Linux 2 STIG v2.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION

6.2.16 Ensure no users have .netrc filesCIS Amazon Linux 2 STIG v2.0.0 L1 ServerUnix

CONFIGURATION MANAGEMENT, MAINTENANCE

6.7 Ensure FIPS 140-2 OpenSSL Cryptography Is UsedCIS PostgreSQL 14 OS v 1.2.0Unix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

6.7 Ensure FIPS 140-2 OpenSSL Cryptography Is UsedCIS PostgreSQL 15 OS v1.1.0Unix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

6.7 Ensure FIPS 140-2 OpenSSL Cryptography Is UsedCIS PostgreSQL 17 v1.0.0 L1 PostgreSQLUnix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

8 - Managing TLS and SSL - FIPS 140-2 EnabledNetApp Security Hardening Guide for ONTAP 9 v1.7.0Netapp_API

SYSTEM AND COMMUNICATIONS PROTECTION

10.2 SN.2 Remove Support for Internet Services (inetd)CIS Oracle Solaris 11.4 L2 v1.1.0Unix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

18.4.3 (L1) Ensure 'Configure SMB v1 server' is set to 'Disabled'CIS Microsoft Windows Server 2025 v1.0.0 L1 MSWindows

CONFIGURATION MANAGEMENT

18.9.25.2 (L1) Ensure 'Do not allow password expiration time longer than required by policy' is set to 'Enabled'CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BLWindows

IDENTIFICATION AND AUTHENTICATION

18.9.25.2 (L1) Ensure 'Do not allow password expiration time longer than required by policy' is set to 'Enabled'CIS Microsoft Windows Server 2022 v4.0.0 L1 MSWindows

IDENTIFICATION AND AUTHENTICATION

18.9.25.2 (L1) Ensure 'Do not allow password expiration time longer than required by policy' is set to 'Enabled'CIS Microsoft Windows Server 2019 v4.0.0 L1 MSWindows

IDENTIFICATION AND AUTHENTICATION

18.10.17.1 (L1) Ensure 'Enable App Installer' is set to 'Disabled'CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1Windows

CONFIGURATION MANAGEMENT

18.10.18.1 (L2) Ensure 'Enable App Installer' is set to 'Disabled'CIS Microsoft Windows 10 Enterprise v4.0.0 L2Windows

CONFIGURATION MANAGEMENT

18.10.18.1 (L2) Ensure 'Enable App Installer' is set to 'Disabled'CIS Microsoft Windows 11 Enterprise v4.0.0 L2 BitLockerWindows

CONFIGURATION MANAGEMENT

18.10.18.1 (L2) Ensure 'Enable App Installer' is set to 'Disabled'CIS Microsoft Windows 10 Stand-alone v4.0.0 L2Windows

CONFIGURATION MANAGEMENT

18.10.18.3 (L1) Ensure 'Enable App Installer Hash Override' is set to 'Disabled'CIS Microsoft Windows Server 2022 v4.0.0 L1 DCWindows

CONFIGURATION MANAGEMENT

18.10.18.3 (L1) Ensure 'Enable App Installer Hash Override' is set to 'Disabled'CIS Microsoft Windows Server 2022 Stand-alone v1.0.0 L1 MSWindows

CONFIGURATION MANAGEMENT

18.10.18.3 (L1) Ensure 'Enable App Installer Hash Override' is set to 'Disabled'CIS Microsoft Windows Server 2019 v4.0.0 L1 DCWindows

CONFIGURATION MANAGEMENT

EPAS-00-004900 - The EDB Postgres Advanced Server must use NIST FIPS 140-2 or 140-3 validated cryptographic modules for cryptographic operations.EnterpriseDB PostgreSQL Advanced Server OS Linux v2r1Unix

IDENTIFICATION AND AUTHENTICATION

OH12-1X-000232 - A public OHS server must use TLS if authentication is required to host web sites - SSLProtocolDISA STIG Oracle HTTP Server 12.1.3 v2r3Unix

CONFIGURATION MANAGEMENT